Looker Outbound Port Requirements

On this Page
Docs Menu

The Looker application requires outbound (public internet) network access for authorization, email relay, github, and license checks.

Looker also needs several other ports that can be internal to your network. Looker needs ports to communicate with your databases. You’ll need additional ports if you have migrated your internal configuration to a MySQL database or if you have clustered Looker (so the cluster nodes can communicate with each other.)

Authorization

Looker provides a secure mechanism for Looker support staff to login to customer instances.

If you wish to allow this, your Looker instance will need to make an outbound HTTPS connection to auth.looker.com on port 443.

Backups

Looker instances backup their application configuration once per day to Amazon S3 via HTTPS on port 443.

Email

Looker sends email for:

  • Scheduled Looks to end users.
  • Application errors to Looker.

By default, Looker uses Sendgrid as a mail relay. The hostname is smtp.sendgrid.net on port 587. You can also configure Looker to use your own email infrastructure by going to AdminSMTP.

Exception Reporting

Looker sends application exception reports to errorssentry.looker.com on port 9000.

Usage Reporting

Looker sends some usage information to ping.looker.com on port 443. This data informs product decisions and helps Looker understand feature adoption. It does not include any of your database information or metadata.

GitHub

Looker stores models in GitHub by default. It makes outbound connections to github.com on port 22 (ssh).

License Checks

Looker connects via HTTPS to license.looker.com on port 443:

  • At least once per day, at a random time.
  • When Looker starts running.
  • When a user clicks the Update button next to the license key on the Admin panel.

Next Step

After you have ensured Looker can access necessary services you’re ready to enable secure database access.

Still have questions?
Go to Discourse - or - Email Support
Top